OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/transport_security_state.h" | 5 #include "net/base/transport_security_state.h" |
6 | 6 |
7 #include <set> | |
8 | |
7 #include "base/base64.h" | 9 #include "base/base64.h" |
8 #include "base/json/json_reader.h" | 10 #include "base/json/json_reader.h" |
9 #include "base/json/json_writer.h" | 11 #include "base/json/json_writer.h" |
10 #include "base/logging.h" | 12 #include "base/logging.h" |
11 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
12 #include "base/sha2.h" | 14 #include "base/sha2.h" |
13 #include "base/string_number_conversions.h" | 15 #include "base/string_number_conversions.h" |
14 #include "base/string_tokenizer.h" | 16 #include "base/string_tokenizer.h" |
15 #include "base/string_util.h" | 17 #include "base/string_util.h" |
16 #include "base/utf_string_conversions.h" | 18 #include "base/utf_string_conversions.h" |
17 #include "base/values.h" | 19 #include "base/values.h" |
18 #include "googleurl/src/gurl.h" | 20 #include "googleurl/src/gurl.h" |
19 #include "net/base/dns_util.h" | 21 #include "net/base/dns_util.h" |
22 #include "net/base/x509_cert_types.h" | |
23 #include "net/base/x509_certificate.h" | |
20 | 24 |
21 namespace net { | 25 namespace net { |
22 | 26 |
23 const long int TransportSecurityState::kMaxHSTSAgeSecs = 86400 * 365; // 1 year | 27 const long int TransportSecurityState::kMaxHSTSAgeSecs = 86400 * 365; // 1 year |
24 | 28 |
25 TransportSecurityState::TransportSecurityState() | 29 TransportSecurityState::TransportSecurityState() |
26 : delegate_(NULL) { | 30 : delegate_(NULL) { |
27 } | 31 } |
28 | 32 |
29 void TransportSecurityState::EnableHost(const std::string& host, | 33 void TransportSecurityState::EnableHost(const std::string& host, |
30 const DomainState& state) { | 34 const DomainState& state) { |
31 const std::string canonicalized_host = CanonicalizeHost(host); | 35 const std::string canonicalized_host = CanonicalizeHost(host); |
32 if (canonicalized_host.empty()) | 36 if (canonicalized_host.empty()) |
33 return; | 37 return; |
34 | 38 |
39 // TODO(cevans) -- we likely want to permit a host to override a built-in, | |
40 // for at least the case where the override is stricter (i.e. includes | |
41 // subdomains, or includes cert locks). | |
35 bool temp; | 42 bool temp; |
36 if (IsPreloadedSTS(canonicalized_host, &temp)) | 43 if (IsPreloadedSTS(canonicalized_host, &temp)) |
37 return; | 44 return; |
38 | 45 |
39 char hashed[base::SHA256_LENGTH]; | 46 char hashed[base::SHA256_LENGTH]; |
40 base::SHA256HashString(canonicalized_host, hashed, sizeof(hashed)); | 47 base::SHA256HashString(canonicalized_host, hashed, sizeof(hashed)); |
41 | 48 |
42 // Use the original creation date if we already have this host. | 49 // Use the original creation date if we already have this host. |
43 DomainState state_copy(state); | 50 DomainState state_copy(state); |
44 DomainState existing_state; | 51 DomainState existing_state; |
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
121 // include_subdomains is. | 128 // include_subdomains is. |
122 if (i == 0) | 129 if (i == 0) |
123 return true; | 130 return true; |
124 | 131 |
125 return j->second.include_subdomains; | 132 return j->second.include_subdomains; |
126 } | 133 } |
127 | 134 |
128 return false; | 135 return false; |
129 } | 136 } |
130 | 137 |
138 bool TransportSecurityState::IsAcceptableCertificate(const std::string& host, | |
139 X509Certificate* cert) { | |
140 DomainState state; | |
141 if (!IsEnabledForHost(&state, host)) | |
142 return true; | |
143 | |
144 if (state.cert_locks.empty()) | |
145 return true; | |
146 | |
147 std::set<std::string> fingerprints; | |
148 X509Certificate::OSCertHandles cert_chain; | |
149 X509Certificate::GetCertChainFromCert(cert->os_cert_handle(), &cert_chain); | |
150 { | |
151 X509Certificate::OSCertHandles::const_iterator i; | |
152 for (i = cert_chain.begin(); i != cert_chain.end(); ++i) { | |
153 net::SHA1Fingerprint fingerprint = | |
154 X509Certificate::CalculateFingerprint(*i); | |
155 std::string hash; | |
156 for (size_t i = 0; i < sizeof(fingerprint.data); ++i) | |
157 hash += StringPrintf("%02X", fingerprint.data[i]); | |
abarth-chromium
2011/04/04 22:49:36
This code looks pretty low-level. Why can't SHA1F
| |
158 fingerprints.insert(hash); | |
159 } | |
160 } | |
161 X509Certificate::DestroyCertChain(&cert_chain); | |
162 std::vector<std::string>::const_iterator locks_iter; | |
163 for (locks_iter = state.cert_locks.begin(); | |
164 locks_iter != state.cert_locks.end(); ++locks_iter) { | |
165 std::string cert_lock = *locks_iter; | |
166 if (fingerprints.find(cert_lock) != fingerprints.end()) | |
167 return true; | |
168 } | |
169 return false; | |
170 } | |
171 | |
131 void TransportSecurityState::DeleteSince(const base::Time& time) { | 172 void TransportSecurityState::DeleteSince(const base::Time& time) { |
132 bool dirtied = false; | 173 bool dirtied = false; |
133 | 174 |
134 std::map<std::string, DomainState>::iterator i = enabled_hosts_.begin(); | 175 std::map<std::string, DomainState>::iterator i = enabled_hosts_.begin(); |
135 while (i != enabled_hosts_.end()) { | 176 while (i != enabled_hosts_.end()) { |
136 if (i->second.created >= time) { | 177 if (i->second.created >= time) { |
137 dirtied = true; | 178 dirtied = true; |
138 enabled_hosts_.erase(i++); | 179 enabled_hosts_.erase(i++); |
139 } else { | 180 } else { |
140 i++; | 181 i++; |
(...skipping 164 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
305 break; | 346 break; |
306 case DomainState::MODE_SPDY_ONLY: | 347 case DomainState::MODE_SPDY_ONLY: |
307 state->SetString("mode", "spdy-only"); | 348 state->SetString("mode", "spdy-only"); |
308 break; | 349 break; |
309 default: | 350 default: |
310 NOTREACHED() << "DomainState with unknown mode"; | 351 NOTREACHED() << "DomainState with unknown mode"; |
311 delete state; | 352 delete state; |
312 continue; | 353 continue; |
313 } | 354 } |
314 | 355 |
356 ListValue* locks = new ListValue; | |
357 std::vector<std::string>::const_iterator lock_strings; | |
358 for (lock_strings = i->second.cert_locks.begin(); | |
359 lock_strings != i->second.cert_locks.end(); | |
360 ++lock_strings) | |
361 locks->Append(new StringValue(*lock_strings)); | |
362 state->Set("cert_locks", locks); | |
abarth-chromium
2011/04/04 22:49:36
Again, pin is probably a better term.
| |
363 | |
315 toplevel.Set(HashedDomainToExternalString(i->first), state); | 364 toplevel.Set(HashedDomainToExternalString(i->first), state); |
316 } | 365 } |
317 | 366 |
318 base::JSONWriter::Write(&toplevel, true /* pretty print */, output); | 367 base::JSONWriter::Write(&toplevel, true /* pretty print */, output); |
319 return true; | 368 return true; |
320 } | 369 } |
321 | 370 |
322 bool TransportSecurityState::Deserialise(const std::string& input, | 371 bool TransportSecurityState::Deserialise(const std::string& input, |
323 bool* dirty) { | 372 bool* dirty) { |
324 enabled_hosts_.clear(); | 373 enabled_hosts_.clear(); |
(...skipping 17 matching lines...) Expand all Loading... | |
342 std::string mode_string; | 391 std::string mode_string; |
343 double created; | 392 double created; |
344 double expiry; | 393 double expiry; |
345 | 394 |
346 if (!state->GetBoolean("include_subdomains", &include_subdomains) || | 395 if (!state->GetBoolean("include_subdomains", &include_subdomains) || |
347 !state->GetString("mode", &mode_string) || | 396 !state->GetString("mode", &mode_string) || |
348 !state->GetDouble("expiry", &expiry)) { | 397 !state->GetDouble("expiry", &expiry)) { |
349 continue; | 398 continue; |
350 } | 399 } |
351 | 400 |
401 ListValue* locks_list; | |
402 std::vector<std::string> cert_locks; | |
403 if (state->GetList("cert_locks", &locks_list)) { | |
404 size_t num_locks = locks_list->GetSize(); | |
405 for (size_t i = 0; i < num_locks; ++i) { | |
406 std::string lock_string; | |
407 if (locks_list->GetString(i, &lock_string)) | |
408 cert_locks.push_back(lock_string); | |
409 } | |
410 } | |
411 | |
352 DomainState::Mode mode; | 412 DomainState::Mode mode; |
353 if (mode_string == "strict") { | 413 if (mode_string == "strict") { |
354 mode = DomainState::MODE_STRICT; | 414 mode = DomainState::MODE_STRICT; |
355 } else if (mode_string == "opportunistic") { | 415 } else if (mode_string == "opportunistic") { |
356 mode = DomainState::MODE_OPPORTUNISTIC; | 416 mode = DomainState::MODE_OPPORTUNISTIC; |
357 } else if (mode_string == "spdy-only") { | 417 } else if (mode_string == "spdy-only") { |
358 mode = DomainState::MODE_SPDY_ONLY; | 418 mode = DomainState::MODE_SPDY_ONLY; |
359 } else { | 419 } else { |
360 LOG(WARNING) << "Unknown TransportSecurityState mode string found: " | 420 LOG(WARNING) << "Unknown TransportSecurityState mode string found: " |
361 << mode_string; | 421 << mode_string; |
(...skipping 11 matching lines...) Expand all Loading... | |
373 created_time = base::Time::Now(); | 433 created_time = base::Time::Now(); |
374 } | 434 } |
375 | 435 |
376 if (expiry_time <= current_time) { | 436 if (expiry_time <= current_time) { |
377 // Make sure we dirty the state if we drop an entry. | 437 // Make sure we dirty the state if we drop an entry. |
378 dirtied = true; | 438 dirtied = true; |
379 continue; | 439 continue; |
380 } | 440 } |
381 | 441 |
382 std::string hashed = ExternalStringToHashedDomain(*i); | 442 std::string hashed = ExternalStringToHashedDomain(*i); |
383 if (hashed.empty()) | 443 if (hashed.empty()) { |
444 dirtied = true; | |
384 continue; | 445 continue; |
446 } | |
385 | 447 |
386 DomainState new_state; | 448 DomainState new_state; |
387 new_state.mode = mode; | 449 new_state.mode = mode; |
388 new_state.created = created_time; | 450 new_state.created = created_time; |
389 new_state.expiry = expiry_time; | 451 new_state.expiry = expiry_time; |
390 new_state.include_subdomains = include_subdomains; | 452 new_state.include_subdomains = include_subdomains; |
453 new_state.cert_locks = cert_locks; | |
391 enabled_hosts_[hashed] = new_state; | 454 enabled_hosts_[hashed] = new_state; |
392 } | 455 } |
393 | 456 |
394 *dirty = dirtied; | 457 *dirty = dirtied; |
395 return true; | 458 return true; |
396 } | 459 } |
397 | 460 |
398 TransportSecurityState::~TransportSecurityState() { | 461 TransportSecurityState::~TransportSecurityState() { |
399 } | 462 } |
400 | 463 |
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
493 *include_subdomains = kPreloadedSTS[j].include_subdomains; | 556 *include_subdomains = kPreloadedSTS[j].include_subdomains; |
494 return true; | 557 return true; |
495 } | 558 } |
496 } | 559 } |
497 } | 560 } |
498 | 561 |
499 return false; | 562 return false; |
500 } | 563 } |
501 | 564 |
502 } // namespace | 565 } // namespace |
OLD | NEW |